Re: [opensuse-security] Re: [opensuse-gnome] Timezone and printer settings too restrictive by default
On Wednesday, February 29, 2012 10:30:38 Johannes Meixner wrote:
Hello,
On Feb 29 00:36 Gerald Pfeifer wrote (excerpt):
On Tue, 28 Feb 2012, Bryen M Yunashko wrote:
As for printers... I see the issue being installation of drivers.
If we're setting up a printer which has a driver already installed
on the machine, then no, password should not be required like that.
Great, we agree on that.
Of course it is not as easy as you think.
Your current point of view printer setup on my own machine
does not apply in any case.
In corporate environments where an admin maintains the workstations
it is usually not wanted that users can change how workstations print
because this can cause printing security issues in the whole network,
see print job phishing at
http://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings
openSUSE is not corporate environment but individual desktops, so let's use
sane defaults there.
If the defaults for corporate environments need to be different, then SLES
and SLED can use different defaults - but that doesn't mean openSUSE
should...
Andreas
--
Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg)
GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126
--
To unsubscribe, e-mail: opensuse-gnome+unsubscr...@opensuse.org
To contact the owner, e-mail: opensuse-gnome+ow...@opensuse.org
Re: [opensuse-security] Re: [opensuse-gnome] Timezone and printer settings too restrictive by default
On Wed, 29 Feb 2012, Johannes Meixner wrote: In corporate environments where an admin maintains the workstations it is usually not wanted that users can change how workstations print because this can cause printing security issues in the whole network, see print job phishing In corporate environments where an admin maintains the workstations, said admins can easily increase whatever security levels she desires to increase. A vanilla openSUSE installation is not exactly most common in such environments. It's a lot more common, as we see every day, in those cases Linus and me are concerned about. (In fact, a couple of SUSE employees contacted me in the last 24 hours indicating Yes, I do have the root password, but this really has annoyed me all the time.) Of course long ago I had aready filed a matching FATE request https://features.opensuse.org/307745 but nobody - in particular nobody of the management - cares. I am sorry your request did not get picked up for openSUSE. As far as all SUSE products go, indeed I am (Mr. Product) Management. openSUSE is not a SUSE product, though, and there I am just a lowly contributor like everyone else. :-) With a bit of influence, admittedly, in suggesting what SUSE engineering teams contribute to openSUSE, but not in the sense of classic (product) management. Gerald -- Dr. Gerald Pfeifer g...@suse.com || SUSE || Director Product Management -- To unsubscribe, e-mail: opensuse-gnome+unsubscr...@opensuse.org To contact the owner, e-mail: opensuse-gnome+ow...@opensuse.org
